Course info

Level

Intermediate

Updated

Dec 31, 2019

Duration

1h 3m

Description

Conducting an information security audit can be a lengthy and in-depth process. In this course, Maximizing Nmap for Security Auditing, you will learn how to leverage the capabilities of Nmap. First, you will discover how to use Nmap to find network hosts and potential vulnerabilities. Next, you will see how to leverage the Nmap scripting engine to increase Nmap’s capabilities. Finally, you will create custom solutions to increase your productivity and the effectiveness of the audit. When you are finished with this course, you will be ready to effectively implement Nmap in your information security audits.

More from the author

Section Introduction Transcripts

Course OverviewHello, I'm Matt Glass, and welcome to my course, Maximizing Nmap for Security Auditing. I'm a senior system engineer working with a defense contractor in Stuttgart, Germany. Testing network security controls and discovering vulnerabilities are important parts of any organization's security plan. Nmap, or Network Mapper, is a tool that's been around for more than 20 years and continues to expand its capabilities. In previous courses, we explored Nmap scanning phases, capabilities, and uses in testing security controls on network devices. In Maximizing Nmap for Security Auditing, you'll expand on the concepts covered in the previous Nmap courses and dive deeper into Nmap scripting capabilities. In this course, we will, not only discuss how to use different Nmap options, but also how to incorporate and map into shell scripts to automate auditing tasks. This course also introduces you to creating your own custom Nmap scripts to use in the Nmap Scripting Engine and also how to modify existing built-in scripts to tailor output to your reporting requirements. This course is the next step on your journey to understanding and effectively implementing Nmap, so it's recommended that you have some familiarization with the tool or watch the Getting Started course and Testing Security Controls and Detecting Vulnerabilities with Nmap, before you begin this one. While all the examples in this course are run from a Linux command line, the GUI version is available and can be used if that is your preference. In addition to Nmap familiarization, it is recommended that you have a basic understanding of IP version 4 addressing, ports, protocols, and variable-length subnetting before taking this course. I really enjoyed creating this course, and I hope you enjoy watching it.